Database Security

written by: anuramn•edited by: Lamar Stonecypher•updated: 8/10/2011

Threats and risks to databases have increased and therefore, the need for securing databases has also increased. Let's learn about the basic facets of database security, including assurance, integrity, availability, and confidentiality.

slide 1 of 3

The majority of the companies store sensitive data in databases. However, database security is sometimes not given as much thought and effort as other areas of computer security. Hackers have been able to target large databases in recent years to obtain sensitive information like credit card numbers and other personal information. It is important to protect databases against these risks, and this is where database security comes into place.

slide 2 of 3

What are the Basic Facets of Database Security?

Database security can be defined as a system or process by which the "Confidentiality, Integrity, and Availability," or CIA, of the database can be protected. Unauthorized entry or access to a database server signifies a loss of confidentiality; unauthorized alteration to the available data signifies loss of integrity; and lack of access to database services signifies loss of availability. Loss of one or more of these basic facets will have a significant impact on the security of the database.

For an illustration of this concept, imagine that the website of a company contains information like who they are, what they do, and what prospective customers have to do to contact them for their queries. In this case, the availability of the database services is more important when compared with other factors like the confidentiality or integrity of the database security.

For a company that sells products or goods online, however, confidentiality and integrity are more important as customers use their credit cards to buy goods online only when the site is available.

Another factor needs to be addressed when examining database security and that is "Assurance."

What is database assurance? Take for example, a web application that acts as a frontend to a database server. If the web application that is selling online goods is vulnerable to cross-site-scripting, the chances of people not trusting the website becomes greater. When customers lose trust or assurance in the company, this may consequently lead to loss in the business.

Databases are susceptible to other vulnerabilities like poor password management, SQL injection, leakage of data, and improper error handling apart from cross site scripting. Hackers try to attack databases that are configured poorly. Hackers take advantage of these database weaknesses to exploit the database vulnerabilities.

The risks involved with the database are not the same for every database present in the organization; therefore, security controls or measures to these databases differ. As there are various databases like Oracle, SQL and Access, different types of database security solutions are also available in the market. One needs to assess the risk for the database involved and mitigate the risk by designing and implementing appropriate database security solutions. If security is the key driver for database configuration, the data will remain safe and secure.

Understanding Database Security

An ever increasing number of databases are needed in business, and, with the advent of the Internet, threats or risks to these databases are increasing apace. In this series, we provide a definition of database security, and look at security concepts and the types of threats involved.